Skip to main content

Activating Microsoft 365 (SSO)

Demodesk Tech avatar
Written by Demodesk Tech
Updated this week

Demodesk integrates Microsoft 365 SSO via OAuth 2.0. It’s enabled automatically when you register or sign in using “Sign in with Microsoft.”

After the first employee signs up, your IT team can see and manage the app in the Microsoft Entra admin center under Enterprise applications → Demodesk.

What we ask for and why

We request delegated (user-level) permissions so Demodesk only acts on behalf of the signed‑in user.

OpenID scopes

  • email

  • offline_access (used to refresh tokens without repeated login)

  • openid

  • profile

Microsoft Graph scopes

  • Calendars.ReadWrite: To view and create calendar events

  • Mail.Send: To send emails (confirmations, reminders, etc.) for scheduling. 

  • OnlineMeetings.ReadWrite: To read the Microsoft Teams meetings context and be able to schedule meetings (for scheduling). 

  • OnlineMeetingArtifact.Read.All: To access meeting artifacts (e.g., recordings)

  • User.Read: To identify the user

Revoking access

Access can be revoked at any time:

  • From your Demodesk account (Connections settings)

  • Directly from your Microsoft/Outlook account

Access ends immediately upon disconnection.

How to enable SSO

1. Go to the Demodesk login page and choose “Sign in with Microsoft.”

2. Review and accept the requested permissions.

3. Demodesk should appear as app in Entra under "Enterprise apps"

To make your workspace “SSO-only” (disable email/password), contact support@demodesk.com.

FAQs

Q: Does Demodesk see all calendars?

A: No. Only users who connect Microsoft 365, and only their default calendar.


Q: Are these permissions and behaviors different from Scheduling?

A: Yes. Scheduling may differ - see here for more details.

Did this answer your question?